Graylog GO logo

Detecting the 3CX Supply Chain Attack with Graylog and Sigma Rules

According to reporting by several cybersecurity publications the 3CX Desktop Application  has been exploited in a supply chain attack. The 3CX client is a popular VOIP and messaging application used by over 600,000 companies. From the article on Bleeping computer This supply chain attack, dubbed ‘SmoothOperator’ by SentinelOne, starts when the MSI installer is downloaded […]